There is always a lot of debate in regards to the best possible way to eliminate email spam, and there is nothing more annoying than working on the road, connecting to the corporate network, and spending a big chunk of time downloading 30 emails, only to discover that 29 of them are spam.
Most off the shelf spam filtering solutions are largely useless. They rely too much on the “daily update” model – much like anti-virus. Once a day, they download a new set of detection signatures, designed to trap the latest spam profiles.
The problem here is that spammers are smarter than that. They come up with new profiles, and attack vectors everyday. No sooner do the spam filters update for yesterday’s spam, they are useless against today’s spam.
Blackhole lists are useful, but you often end up blanking out too much email, and miss far too many legitimate emails.
Newer challenge response systems are great, but often frighten genuine email senders that they have been caught by a spammer, and refuse to respond to the challenge.
Then you have the problems of false negatives – (emails that should have been marked as spam, but weren’t) – and false positives – (emails that shouldn’t have been marked as spam, but were). The biggest problem is that once an email has been accepted, there is a chance that it will be incorrectly classified.
So don’t accept it. Sort of.
Every email that arrives is potentially a legitimate email – so treat it as such. Only use a blackhole list on your gateway that blocks the source IP of human verified spam. And only use one, or your gateway can get confused – one list might block, another might allow.
In the end, genuine “zero spam” then relies on your users. Educate them to the value of maintaining accurate whitelists – whitelists that apply at the gateway level – not at the email client.
Anything that doesn’t get through the whitelist check needs to be quarantined – once a day, send your users an email with a list of everything they “received” that was blocked, and let them decide if they want it or not, and if they want to add it to the whitelist.
I have not received a single piece of spam in my inbox in almost two years. How many have you gotten today?